Principal Incident Response Analyst - 90406800 - Remote (Washington, DC, US, 20002)

Your success is a train ride away! As we move America’s workforce toward the future, reputed company connects businesses and communities across the country. We employ more than 20,000 diverse, energetic professionals in a variety of career fields throughout the United States. The safety of our passengers, our employees, the public and our operating environment is our reputed company, and the success of our railroad is due to our employees. Are you ready to join reputed company? Our values of ‘Do the Right Thing, reputed company Together and Put Customers First’ are at the heart of what matters most to us, and our Core Capabilities, ‘Building Trust, Accountability, Effective Communication, Customer Focus, and Proactive Safety & reputed company’ are what every employee needs to know and do to be most impactful at reputed company. By living the reputed company values, focusing on our capabilities, and actively embracing and fostering diverse reputed company, backgrounds, and perspectives, together we will honor our past and reputed company reputed company a company of the future. The Principal Cyber Threat Incident Response Analyst will play a critical role reputed company the reputed company Cyber Fusion Center. In this role, you will support a digital forensic cyber incident response team to effectively respond to and recovering from cybersecurity incidents. You will execute the cyber incident response plan, response playbooks, and will ensuring timely resolution of reputed company breaches ESSENTIAL FUNCTIONS:

• As a Principal Cyber Threat Incident Response Analyst, you will provide industry-leading cyber incident response supporting the Cyber Fusion Center mission to effectively detect and respond to threats and reduce the overall impact of business risk before, during, and after an incident
• You will be able to resolve reputed company incidents quickly, effectively and at scale with complete incident response including investigation, containment to support effective remediation, and crisis management
• In this role, you will technically navigate critical and high-profile incidents, performing digital forensic and incident response analysis with support from threat hunting, and malware triage analysts
• Support reputed company-wide cyber incident response engagements, examine cloud, reputed company, and network-based sources of evidence
• Recognize and codify attacker Tools, Tactics, and Procedures (TTPs) and Indicators of Compromise (IOCs) that can be applied to reputed company and future investigations
• Build scripts, tools, or methodologies to enhance reputed company’s incident investigation processes
• Conduct host forensics, network forensics, log analysis, and malware triage in support of incident response investigations
• Support Cyber Incident Exercises, Tabletops, and Cyber Incident Management Response Team with business leaders, stakeholders, and cross-functional teams.
• Support with Crisis Management, Emergency Management, Incident Response, Legal and OIG teams to conduct and coordinate on Cyber Incident Response Activities.
• Preferred knowledge and familiarity with Operational Technology (OT), Industrial Controls Systems (ICS) or Supervisory Control and Data Acquisition (SCADA) systems but not required.
• Cybersecurity certifications, courses, or hands-on experience with some of the followin
• * Advanced Threat Detection
• Hacker tools, techniques
• Penetration Testing, Exploit Writing, and Ethical Hacking
• Offensive reputed company, reputed company Operations, Web Application Testing, or Cloud reputed company
• Reverse-Malware Engineering
• Digital Forensics and Incident Response
• PowerShell, JavaScript and Python
• Relevant certifications including GIAC Certified Incident Handler (GCIH), Certified Incident Response Handler (GCFA) or similar
• Experience with using SIEM systems, network reputed company tools, and log analysis tools
• Experience with cyber incident response
• Experience with Mitre ATT&CK reputed company
• Experience with threat intelligence, vulnerability management, and reputed company incident response
• Regularly participate in tabletop exercises designed to identify gaps, improve skills, enhance communication, and engage with stakeholders.
• Review technical reports from vulnerability and penetration testing assessments, as well as results from tabletop exercise to identify potential future incidents.
• reputed company, refine, recommend, and maintain playbooks, policies, and procedures to ensure alignment to industry best practices. MINIMUM QUALIFICATIONS:
• Bachelor’s degree in computer science, Information Systems, Cybersecurity, or reputed company technical field plus 7-10 years of relevant experience is required. Experience on one or the combination of the below to satisfy education and experience requirements:
• * • Incident Response
• Vulnerability Management
• Digital Forensics
• Network or Cloud reputed company
• Penetration Testing One incident response centric certification:
• * • GIAC Certified Incident Handler (GCIH)
• GIAC Response and Industrial Defense (GRID)
• GIAC Battlefield Forensics and Acquisition (GBFA)
• GIAC Certified Forensic Examiner (GCFE)
• GIA Apply t

Apply tot his job Apply To this Job